Personal dork generator
Google, Bing, Yahoo dorks
These are the advanced search methods offered by search engines. By using certain features of the search engines we rely on, we can sometimes find sensitive content exposed on the internet.
Example Google dorks:
site:*target.com
site:*.*.target.com
site:*.*.*.target.com
site:*target.com filetype:pdf
site:target.* inurl:/admin
site:target.com intext: "index of /"
site:*target.com inurl: "/content/dam"
site:*target.com intitle: "index of" "docker-compose.yml"
site:*target.com intitle: "index of" | "access_token.json"
site:*target.com intitle: "index of" "config.json"
site:*target.com intitle: "index of" "service-Account-Credentials.json" | "creds.json"
site:*target.com intitle: "index of" "db.json"
site:*target.com intitle: "index of" "credentials.json"
site:*target.com intitle: "index of" "awsconfig.json"
site:*target.com filetype:csv admin
site:codepad.co "company"
site:scribd.com "company"
site:npmjs.com "company"
site:npm.runkit.com "company"
site:libraries.co "company"
site:ycombinator.com "company"
site:coggle.it "company"
site:papaly.com "company"
site:google.com "company"
site:trello.com "company"
site:prezi.com "company"
site:jsdelivr.net "company"
site:codepen.io "company"
site:codeshare.io "company"
site:sharecode.io "company"
site:pastebin.com "company"
site:repl.it "company"
site:gitter.im "company"
site:bitbucket.org "company"
site:zoom.us "company"
site:atlassian.com "company"
site:s3.amazonaws.com inurl: "company"
site:storage.googleapis.com "http://target.com"
inurl:gitlab "company"
intext: "index of" /etc/passwd
intext: "index of" /etc/shadow
"index.of" id_rsa inurl:target
"index.of" private.key inurl:target
"© target 20XX"
"© 20XX target"
inurl:ftp inurl: ( http | https ) "target" filetype:pdf
...
AWS S3 buckets
inurl:s3.amazonaws.com/legacy/
inurl:s3.amazonaws.com/uploads/
inurl:s3.amazonaws.com/backup/
inurl:s3.amazonaws.com/mp3/
inurl:s3.amazonaws.com/movie/
inurl:s3.amazonaws.com/video/
...
Other cloud storage
site:http://blob.core.windows.net "target.com"
site:http://googleapis.com "target.com"
site:http://drive.google.com "target.com"
site:dropbox.com/s "target.com"
site:box.com/s "target.com"
site:docs.google.com inurl:"/d/" "target.com"
API documentation
inurl:/swagger-ui.html -github -gitlab -reddit -stackoverflow -medium
inurl:/api/swagger -github -gitlab -reddit -stackoverflow -medium
inurl:/api/v1/docs | inurl:/api/v2/docs | inurl:/api/v3/docs
inurl:/api/apidocs
CMS
#Drupal
intext:"Powered by Drupal" inurl:"/node/1" -drupal.com -drupal.org -github
inurl:"sites/all/modules/ckeditor" -drupalcode.org
#WordPress
intext:"Index" inurl:"wp-" -wordpress.org -stackexchange -github
inurl:"/wp-json/wp/v2/users/" "id":1,"name":" -wordpress.stackexchange.com -stackoverflow.com
inurl:"/wp-content/uploads"
inurl:"wp-register.php" -wordpress.com -wordpress.org -github
intitle:"index of" "wp-config.php.bak"
#Joomla
inurl:"/libraries/joomla/database/"
Frameworks
#Symfony
intitle:"index of" "symfony/config"
inurl:"_fragment" | inurl:"_profiler"
inurl:"_profiler/phpinfo"
inurl:"_profiler/open"
#Ruby on rails
inurl:"index.rb"
inurl:"/config/database.yml"
inurl:"/config/initializers/secret_token.rb"
inurl:"/db/seeds.rb"
inurl:"/db/development.sqlite3"
Exposed Git
"index of" inurl:.git
intitle:"index of" .git/hooks/
filetype:git
Cache
View the cached version of a website:
cache:exemple.com/blabla
Monitoring
Google can also send an alert for each new result of a given search.
Resource: https://www.google.com/alerts
oxdork
oxdork is a very simple, lightweight Google dorking tool written in Python.
Usage example:
$ ./oxdork -q site:*.target.com -c 30
Resource: https://github.com/rly0nheart/oxdork.git
Katana
Katana is another tool for retrieving the results of a Google dork.
Usage example:
$ python3 kds.py -g
Resource: https://github.com/TebbaaX/Katana
Resources: